Wildcard search based on a field like Splunk?

jlrMantu · January 24, 2022, 4:04pm

Hello,

Sorry if this has been posted before, I couldn't find.

We are currently using Splunk but moving to Elastic / Kibana. On Splunk, we have some Fields in the dashboard, and when we search for a value, the search supports simply wildcard in that field (e.g. I search for email@*).

On Elastic / Kibana I am able to do a wildcard query of course, but it is not very user friendly, and the only fields I have are the Control Labels in Visualization, but their are based on strict values found in the logs.

Any way to reproduce this here?

Thanks!

ghudgins · February 3, 2022, 6:32pm

appreciate the feedback. on the controls front I think this is a good suggestion. we're doing active work in this area but this isn't on the list. will add it and discuss with the team [Controls] [Meta] Engineering Phase 2 Implementation Roadmap · Issue #120035 · elastic/kibana · GitHub

On Elastic / Kibana I am able to do a wildcard query of course, but it is not very user friendly

where are you in Kibana in this example? Discover?

jlrMantu · February 7, 2022, 3:04pm

In Kibana I am in the dashboard view, with Control Visualization added for the fields of my data

system · March 7, 2022, 3:05pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.